It has long been known that wireless communications provide significant benefits in terms of user mobility and convenience. With the recent advances in wireless communication protocols, wireless device battery life, and other supporting technologies, the application of such wireless communications into the computing environment has greatly increased productivity and convenience for computer users, both at the professional and home consumer level. Indeed, the high data rates available through modern wireless communication protocols has enabled corporate users to embrace such wireless computing capabilities for their computing infrastructure. Indeed, the ability to form ad hoc wireless networks in addition to the ability to connect in an infrastructure mode to a corporate computer network allows corporate workers to collaborate, share documents, and conduct productive meetings without the hassles and constraints imposed by a wired only computer network. These mobile computing users may now have complete access to their network resources regardless of their physical location within the corporation. Still further, in an ad hoc mode, mobile computing users may conduct meetings at remote sites, such as an airport, with other wireless computing users. Indeed, such ad hoc wireless networks may be formed with corporate employees as well as customers or other visitors to a corporation. The internal security mechanisms will then ensure that the customer or other visitor may participate in the ad hoc meeting, but cannot gain access to the wired corporate infrastructure of the corporation.
Unfortunately, the broadcast nature of wireless communications exposes a significant threat that the information exchanged during such communications may be intercepted by malicious third parties. That is, because the information exchanged during a wireless computing session is broadcast wirelessly through the air to the other participants in the wireless computing session, a malicious entity can also receive this information. Such a malicious entity can then learn valuable information, including personal, financial, business information and passwords that may expose a further risk to the corporate computing infrastructure or the home computer network. While it may be impossible to prevent a malicious eavesdropper from receiving the wireless transmission, it is relatively east to protect the content of these broadcasts through simple encryption techniques that are well-known and practiced currently in the wireless communications arts. That is, while a malicious eavesdropper may still be able to intercept the wireless communication transmission, since the information being transmitted is encrypted, this malicious eavesdropper cannot decipher the information that he has intercepted. Indeed, modern private key encryption techniques effectively register the interception of such encrypted transmissions completely useless, garbled data. As such, most sensitive and corporate wireless computing communications utilize some form of data encryption for all data exchanged in a wireless computing session.
As is well-known in the art, such data encryption methods utilize a shared key or secret known only to the authorized participants in the wireless communication session. In this way, each party can encrypt its information prior to transmitting it wirelessly to the other participants in the computing session who then each use the shared secret or key to encrypt the information for use. Any malicious third party eavesdropper receiving this wireless broadcast is unable to decrypt this information since he is not privy to the secret or key known by the authorized users. However, for the system to work, each of the authorized uses in the wireless computing session must know the shared secret or key. The problem becomes, therefore, how to communicate this shared secret or key to each of the authorized participants in a wireless computing system without inadvertently disclosing this key to a malicious third party eavesdropper. Currently, this problem is handled in various ways, all of which detract from the benefits provided by wireless communications itself. That is, one method of exchanging the shared secret or key is to require each of the participants to physically couple to a wired network so that the key can be exchanged among the participants of the wireless computing session. However, requiring the participants of a wireless computing session to first physically couple their wireless computing devices together via a wire is burdensome and not desired by wireless computer users. Alternatively, the shared secret or key may be exchanged between the participants in an offline manner, such as though voice communication, the passing of notes, etc., however, these techniques are also undesired, and are more prone to inadvertent discovery by a malicious third party. Shared secret or key exchanges may also be made through close range infrared (IR) communications between the wireless computing devices. However, such techniques also entail a certain amount of risk that the IR transmission may be intercepted by a malicious third party eavesdropper unless extraordinary measures are taken during this shared secret or key exchange. At the corporate level, wireless computing users may be required to first log in to their wired computing network via a docking station or LAN cable adapter to receive the infrastructure shared secret or key for the day before they are able to begin wireless computing at work. Once again, such requirements for wired communications prior to engaging in secure wireless communications complicates the process, deters users from engaging in such wireless communications, and significantly detracts from the advantages provided through such advanced wireless communications technologies.
There exists, therefore, a need in the art for a method of key exchange or generation that fully utilizes wireless communication and eliminates the requirement for offline key exchange, wired key exchange, or other cumbersome mechanisms to communicate a shared secret or key among authorized users of a wireless computing network.
There exists, therefore, a need in the art for a peer-to-peer identity management interface that addresses the above-described and other problems existing in the art.